Privacy Policy

Effective: 1/23/2023

Revised: 10/25/2024

 

Print (PDF)

Overview

The California High-Speed Rail Authority (Authority) is committed to promoting and protecting the privacy rights of individuals, as enumerated in Article 1, Section 1 of the California Constitution, the Information Practices Act of 1977, and other state and federal laws.

It is the policy of the Authority to limit the collection, use, and disclosure of personal information maintained by the Authority and safeguard the privacy of personal information collected or maintained. The Authority’s information management practices are governed by the requirements of the Information Practices Act (Civil Code Section 1798 et seq.), the California Public Records Act (Government Code Section 7920.000 et seq.), Government Code Sections 11015.5 and 11019.9, and other applicable laws pertaining to information confidentiality.

Our privacy policy reflects the Authority’s current business practices and is subject to change without notice. The Authority reserves the right to make the revised notice effective for personal information we already maintain about you, as well as, any information we receive in the future.

 

Personal information and choice

“Personal information” is information about a natural person that identifies or describes an individual, including, but not limited to, the individual’s name, social security number, physical description, home address, home telephone number, education, financial matters, and medical or employment history, readily identifiable to that specific individual. It includes statements made by, or attributed to, the individual. A domain name or Internet Protocol (IP) address is not considered personal information, however, it is considered “electronically collected personal information.”

According to Government Code § 11015.5.(d.)(1), “electronically collected personal information” means any information that is maintained by an agency that identifies or describes an individual user, including, but not limited to, the user’s name, social security number, physical description, home address, home telephone number, education, financial matters, medical or employment history, password, electronic mail address, and information that reveals any network location or identity, but excludes any information manually submitted to a State agency by a user, whether electronically or in written form, and information on or relating to individuals who are users, serving in a business capacity, including, but not limited to, business owners, officers, or principals of that business.

If any type of personal information is requested on the web site or volunteered by the user, State law, including the Information Practices Act of 1977, Government Code Section 11015.5., and the federal Privacy Act of 1974 may protect it. However, this information may be a public record once you provide it, and may be subject to public inspection and copying if not otherwise protected by federal or State law.

 

Cookies

When you visit a website, a small file called a cookie can be sent to your computer. This cookie collects information about how you browse the site.

Cookies are used to:

• Identify and customize webpages for you.
• Monitor how you use the website so we can offer improvements based on your needs.

 

How we use cookies

Using our site collects Per-Session Cookies.

Per Session Cookies are:

• Stored in the memory of your computer.
• Only available during an active browser session.
• Erased as soon as you close your Web browser.

Each time you visit our website, we automatically record the following information:

Information	Definition
Date	Date of visit.
Time	Time of visit.
Authority Server IP Address	Internet Protocol Address of our web server – Our server’s address.
General Location of Visit	General Country, State, and City of where the website address was requested
Referrer	Uniform Resource Locator (URL) of the web page that sent the requested file.
HTTP Status	Codes that indicate the condition of the request, report errors, and other necessary information; e.g., 404 Requested Page Not Found.
HTTP Request URL	The address of the web page or file you requested.
Bytes Sent	Amount of data you downloaded during your visit.
Bytes Received	Amount of data you uploaded during your visit.
User Agent	Name and version of your web browser or other software that requested information from us.
Protocol Version	Version of HTTP used by your web browser.
Cookie	A small test file, primarily used to customize webpages for the visitor. We limit our use of cookies.

Statement of automatic collection

The Authority does not use the automatic collection of information of users or visitors to the website. We utilize Google Analytics to help understand how visitors interact with our websites so the sites may be improved.

However, Google tracking cookies may be used to provide information to Google Analytics. Our website uses Google Analytics to track website statistics. Google tracking code is used by every website or application that Google employs. Consequently, no information identifying you or your device is being stored at Google via our utilization of Google Analytics. You can read Google’s security and privacy policies for Google Analytics and choose not to have your data used by Google Analytics by downloading their opt-out browser add-on. Before taking such steps, you should be aware that some websites may not work properly if you choose to block the placement of cookies on your computer. You will need to decide whether enabling cookies outweighs privacy concerns.

 

Information we collect for specific requests:

Request	Type and Purpose of Information Collected
Request to receive email updates.	You are required to enter your last name, email address, select a contact, and interest category. Your first name, telephone number, state, zip code, and brief message fields are all voluntary information. Your email address will be used to receive email updates. Your last name and email address are used to identify your registration and send you notifications and information. The form, including all the information you provide, may be subject to disclosure pursuant to the California Public Records Act.
Board of Directors Speaker Card	You are requested to provide your name to properly identify you as a speaker. When you speak before the Authority’s Board of Directors, your name, if provided, is included in the Authority’s official minutes and the meeting is audio and video recorded and broadcasted throughout the internet. All other information (Email, Address, Phone, City, State, Zip, and Comments) is also voluntary, but if submitted, may be used to send you notifications and information. The form, including all the information you provide, may be posted on the Authority’s website and/or may be subject to disclosure pursuant to the California Public Records Act.
To submit your general questions regarding the California high-speed rail program.	You are required to identify a contact category and your interest-as designation, last name, email address, and a brief message. Your email address will be used sign up to receive email updates. Your email address is used to identify your registration and send you notifications and information. The form, including all the information you provide, may be subject to disclosure pursuant to the California Public Records Act.
Speaker Request Form	The Authority Speaker’s Bureau is a program run by the Authority’s Office of Communications to educate and inform the public about the high-speed rail program. To request a speaker, you must complete the Speaker Request Form. This form requires you to provide your name (first and last), telephone, email address and the name of your organization/entity in order for us to contact someone from your organization about your request.
Media Inquiries Form	This form is for members of the media to contact the Authority’s Office of Strategic Communications. The form requires you to provide your first and last name, email address, phone number and your inquiry so a member of the Office of Strategic Communications can contact you to respond to your inquiry.
Special Notice About Children for the IWillRide Program or Media Consent Requests	Children are not eligible to use services that require the submission of personal information, and we do not require minors (under the age of 18) to submit any personal information to us. This includes submitting personal information to the Authority as part of an I Will Ride or Media Consent form(s). If you are a minor, you must use these programs and services with your parent’s or guardians’ consent. If you are a minor, you should seek guidance from your parents or guardians about this notice. If the Authority wants to collect personal information from children, it will notify parents that such information is being requested, disclose the reasons for collecting the information, and disclose how the Authority intends to use the information. The Authority will seek parental consent before collecting any personally identifiable information from children. If the Authority does collect a child’s personal information, the child, parent, or guardian may request information on the data being collected, view their (child’s) information provided, and, if they choose, prohibit the Authority from making further use of their (child’s) information. Information will be retained for five (5) years or until the child is 18 years of age, then destroyed per departmental policy. The Authority will not provide personal information about children to third parties.
Protections and Retention	The Authority uses industry-standard safeguards to protect the information we collect. The Authority stores your information for five years, unless requested otherwise.

 

What we do with the information collected

The Authority uses the information gathered to help us improve the website and to process your requests. We do not sell your information or distribute it to anyone outside of the Authority.

 

We use personal information only for the specified purposes, or purposes consistent with those purposes, unless we have gained consent from the individual, or unless required by law or regulation.

The Authority will only utilize the personal information collected for the purpose(s) stated on or before the time of collection. The statement may either be in a Privacy Policy or a Privacy Notice on Collection with the form used to collect personal information.

Personal information will not be disclosed, made available, or otherwise used for purposes other than those specified at the time of collection, except with the consent of the subject of the data, or as authorized by law (See Public disclosure section, below). Should the Authority decide the information will be used in a manner not specified, the information will be recollected for that purpose.

The California Public Records Act ensures that government is open and that the public has a right to access appropriate records and information possessed by state government. However, at the same time, certain exemptions to disclosure exist in both state and federal law. These exemptions serve various needs, including maintaining the privacy of individuals. In the event of a conflict between this Policy and the California Public Records Act, the Information Practices Act, or any other law governing the disclosure of records, the applicable law will control.

 

Your Individual California Privacy Rights

The Authority allows individuals who provide personal information to review their information and contest its accuracy or completeness. Individuals may request a correction of any inaccuracies by contacting the Authority’s Privacy Officer at PrivacyOfficer@hsr.ca.gov or by the contact information listed below.

Under Government Code § 11015.5., if you choose, you may have any personal information collected about you discarded without reuse or distribution, provided we are contacted in a timely fashion.

 

We use information security safeguards

The Authority uses information security safeguards to protect the personal information we collect and maintain against loss, unauthorized access and illegal use or disclosure. Security measures are integrated into the design, implementation and day-to-day operations of the Authority’s entire business environment. The Authority protects the integrity of all communications and computing infrastructure by implementing password authentication, monitoring, auditing, and encryption of browser communications. Staff are trained on procedures for the management of personal information, including limitations on the release of information. Access to personal information is limited to staff whose work requires such access. Periodic reviews are done to ensure that proper information management policies and procedures are understood and followed.

The Authority encourages all individuals to use appropriate safeguards to secure their personal computers and the information on those computers as well.

 

Public disclosure

In the State of California, laws exist to ensure that government is open and that the public has a right to access appropriate records and information possessed by State government. At the same time, certain exemptions to disclosure exist in both state and federal law. These exemptions serve various needs including maintaining the privacy of individuals.

All information collected by the Authority becomes public record that may be subject to inspection and copying by the public, unless an exemption in law exists. In the event of a conflict between this Policy and the Public Records Act, the Information Practices Act, or other law governing the disclosure of records, the applicable law will control.

 

Limitation of liability

The Authority attempts to maintain the highest accuracy of content on its website. Any errors or omissions should be reported to the Privacy Officer.

The Authority makes no claims, promises, or guarantees about the absolute accuracy, completeness, or adequacy of the contents of this website and expressly disclaims liability for errors and omissions in the contents of this website. No warranty of any kind, implied, expressed, or statutory, including but not limited to the warranties of non-infringement of third party rights, title, merchantability, fitness for a particular purpose, and freedom from computer virus, is given with respect to the contents of this website or its hyperlinks to other Internet resources. Reference in this website to any specific commercial products, processes, or services, or the use of any trade, firm, or corporation name is for the information and convenience of the public, and does not constitute endorsement, recommendation, or favoring by the State of California, or its employees or agents.

 

Links to other websites

Our website includes links to other websites. We provide these links as a convenience. Please read the privacy policy of any website that collects your personal information. These websites and their privacy policies are not under the Authority’s control.

 

Ownership

In general, the information presented on this website, unless otherwise indicated, is considered in the public domain. It may be distributed or copied as permitted by law. However, the Authority does make use of copyrighted data (e.g., photographs), which may require additional permissions prior to your use. In order to use any information on this website not owned or created by the Authority, you must seek permission directly from the owning (or holding) sources. The Authority shall be free to use, for any purpose, any ideas, concepts, or techniques contained in the information provided through this site.

 

Contact Information for this privacy policy

To request access to your record, report any inaccuracies, file complaints, submit comments, ask questions related to this privacy policy or personal information provided, please contact us by email, telephone, or postal mail at:

California High-Speed Rail Authority
ATTN: Privacy Officer
770 L Street, Ste.660 MS-6
Sacramento, CA 95814
PH# (916) 324-1541
PrivacyOfficer@hsr.ca.gov

Please note that questions unrelated to the Authority’s privacy policy may not receive a response. This privacy policy is reviewed annually or as privacy regulations change; it is reviewed annually on January 31 or when changes require immediate updates. This privacy policy reflects the Authority’s current business practices.